b'           OFFICE OF\n    THE INSPECTOR GENERAL\n\nSOCIAL SECURITY ADMINISTRATION\n\n\n          SINGLE AUDIT OF\n       THE STATE OF NEW YORK\n        FOR THE FISCAL YEAR\n        ENDED MARCH 31, 2007\n\n     March 2009    A-77-09-00008\n\n\n\n\n MANAGEMENT\nADVISORY REPORT\n\x0c                                    Mission\nBy conducting independent and objective audits, evaluations and investigations,\nwe inspire public confidence in the integrity and security of SSA\xe2\x80\x99s programs and\noperations and protect them against fraud, waste and abuse. We provide timely,\nuseful and reliable information and advice to Administration officials, Congress\nand the public.\n\n                                   Authority\nThe Inspector General Act created independent audit and investigative units,\ncalled the Office of Inspector General (OIG). The mission of the OIG, as spelled\nout in the Act, is to:\n\n  \xef\x81\xad Conduct and supervise independent and objective audits and\n    investigations relating to agency programs and operations.\n  \xef\x81\xad Promote economy, effectiveness, and efficiency within the agency.\n  \xef\x81\xad Prevent and detect fraud, waste, and abuse in agency programs and\n    operations.\n  \xef\x81\xad Review and make recommendations regarding existing and proposed\n    legislation and regulations relating to agency programs and operations.\n  \xef\x81\xad Keep the agency head and the Congress fully and currently informed of\n    problems in agency programs and operations.\n\n  To ensure objectivity, the IG Act empowers the IG with:\n\n  \xef\x81\xad Independence to determine what reviews to perform.\n  \xef\x81\xad Access to all information necessary for the reviews.\n  \xef\x81\xad Authority to publish findings and recommendations based on the reviews.\n\n                                     Vision\nWe strive for continual improvement in SSA\xe2\x80\x99s programs, operations and\nmanagement by proactively seeking new ways to prevent and deter fraud, waste\nand abuse. We commit to integrity and excellence by supporting an environment\nthat provides a valuable public service while encouraging employee development\nand retention and fostering diversity and innovation.\n\x0c                                    SOCIAL SECURITY\nMEMORANDUM\n\nDate:   March 17, 2009                                                           Refer To:\n\nTo:     Candace Skurnik\n        Director\n        Audit Management and Liaison Staff\n\nFrom:   Inspector General\n\nSubject: Management Advisory Report: Single Audit of the State of New York for the Fiscal Year\n        Ended March 31, 2007 (A-77-09-00008)\n\n\n        This report presents the Social Security Administration\xe2\x80\x99s (SSA) portion of the single\n        audit of the State of New York for the fiscal year ended March 31, 2007. Our objective\n        was to report internal control weaknesses, noncompliance issues, and unallowable\n        costs identified in the single audit to SSA for resolution action.\n\n        The accounting firm of Toski, Schaefer & Company, P.C. performed the audit. The\n        Department of Health and Human Services (HHS) desk review concluded that the audit\n        met Federal requirements. In reporting the results of the single audit, we relied entirely\n        on the internal control and compliance work performed by the accounting firm of Toski,\n        Schaefer & Company, P.C., and the reviews performed by HHS. We conducted our\n        review in accordance with the Quality Standards for Inspections issued by the\n        President\xe2\x80\x99s Council on Integrity and Efficiency.\n\n        For single audit purposes, the Office of Management and Budget (OMB) assigns\n        Federal programs a Catalog of Federal Domestic Assistance (CFDA) number. SSA\xe2\x80\x99s\n        Disability Insurance (DI) and Supplemental Security Income (SSI) programs are\n        identified by CFDA number 96. SSA is responsible for resolving single audit findings\n        reported under this CFDA number.\n\n        The New York Disability Determination Services (DDS) performs disability\n        determinations under SSA\xe2\x80\x99s DI and SSI programs in accordance with Federal\n        regulations. The New York DDS is reimbursed for 100 percent of allowable costs. The\n        Office of Temporary and Disability Assistance (OTDA) is the New York DDS\xe2\x80\x99 parent\n        agency.\n\x0cPage 2 \xe2\x80\x93 Candace Skurnik\n\n\nThe single audit reported that:\n\n   1. OTDA had insufficient standards for the documentation of critical systems\n      applications (Attachment, Pages 1 and 2). The corrective action plan indicates\n      OTDA has undertaken several improvements including developing written\n      descriptions of documentation standards (Attachment, Pages 3 through 6).\n\n   2. Software developers inappropriately had the ability to update software in the\n      production environment (Attachment, Pages 7 and 8). The corrective action plan\n      indicates OTDA has a process to control software developer access to the\n      production environment (Attachment, Pages 9 through 11).\n\n   3. OTDA did not have a plan in place for periodic testing of systems data recovery\n      in the event of an interruption, and it had not performed a test to ensure a\n      complete and error-free recovery of systems data (Attachment, Pages 12 and\n      13). The corrective action plan indicates that recovery testing was successfully\n      performed and plans are in place to periodically run similar recovery testing in the\n      future (Attachment, Pages 14 through 15).\n\n   4. Contracts reimbursed with Federal funds did not identify the required Federal\n      award information (Attachment, Pages 16 and 17). The corrective action plan\n      indicates the required Federal award information will be included in all future\n      contracts (Attachment, Pages 18 and 19).\n\n   5. Indirect costs were charged to various Federal agencies, including SSA, based\n      on cost allocation plan (CAP) methodologies that were pending approval by HHS\xe2\x80\x99\n      Division of Cost Allocation (DCA) (Attachment, Pages 20 and 21). The corrective\n      action plan correctly reports that indirect costs can be charged based on\n      allocation methodologies that have been submitted to DCA for approval\n      (Attachment, Pages 22 and 23).\n\nWe recommend that SSA:\n\n   1. Verify OTDA policies and procedures are adequate to ensure the New York DDS\xe2\x80\x99\n      critical system applications are sufficiently documented.\n\n   2. Ensure that OTDA policies and procedures prevent software developer access to\n      the production environment.\n\n   3. Determine whether OTDA developed adequate procedures for performing\n      periodic data recovery testing of the systems used by the New York DDS.\n\n   4. Verify that the required Federal award information will be included in all contracts\n      related to the New York DDS\xe2\x80\x99s activities.\n\x0cPage 3 \xe2\x80\x93 Candace Skurnik\n\n\n   5. Upon DCA\xe2\x80\x99s approval of the CAP, work with OTDA to ensure the indirect costs\n      charged to the New York DDS were in accordance with CAP\xe2\x80\x99s approved\n      methodologies.\n\nPlease send copies of the final Audit Clearance Document to Ken Bennett. If you have\nquestions contact Ken Bennett at (816) 221-0315 extension 1558.\n\n\n\n                                             S\n                                             Patrick P. O\xe2\x80\x99Carroll, Jr.\n\x0c Attachment\nPage 1 of 23\n\x0c Attachment\nPage 2 of 23\n\x0c Attachment\nPage 3 of 23\n\x0c Attachment\nPage 4 of 23\n\x0c Attachment\nPage 5 of 23\n\x0c Attachment\nPage 6 of 23\n\x0c Attachment\nPage 7 of 23\n\x0c Attachment\nPage 8 of 23\n\x0c Attachment\nPage 9 of 23\n\x0c  Attachment\nPage 10 of 23\n\x0c  Attachment\nPage 11 of 23\n\x0c  Attachment\nPage 12 of 23\n\x0c  Attachment\nPage 13 of 23\n\x0c  Attachment\nPage 14 of 23\n\x0c  Attachment\nPage 15 of 23\n\x0c  Attachment\nPage 16 of 23\n\x0c  Attachment\nPage 17 of 23\n\x0c  Attachment\nPage 18 of 23\n\x0c  Attachment\nPage 19 of 23\n\x0c  Attachment\nPage 20 of 23\n\x0c  Attachment\nPage 21 of 23\n\x0c  Attachment\nPage 22 of 23\n\x0c  Attachment\nPage 23 of 23\n\x0c                         Overview of the Office of the Inspector General\nThe Office of the Inspector General (OIG) is comprised of an Office of Audit (OA), Office of Investigations\n(OI), Office of the Counsel to the Inspector General (OCIG), Office of External Relations (OER), and Office of\nTechnology and Resource Management (OTRM). To ensure compliance with policies and procedures, internal\ncontrols, and professional standards, the OIG also has a comprehensive Professional Responsibility and Quality\nAssurance program.\n                                                  Office of Audit\nOA conducts financial and performance audits of the Social Security Administration\xe2\x80\x99s (SSA) programs and\noperations and makes recommendations to ensure program objectives are achieved effectively and efficiently.\nFinancial audits assess whether SSA\xe2\x80\x99s financial statements fairly present SSA\xe2\x80\x99s financial position, results of\noperations, and cash flow. Performance audits review the economy, efficiency, and effectiveness of SSA\xe2\x80\x99s\nprograms and operations. OA also conducts short-term management reviews and program evaluations on issues\nof concern to SSA, Congress, and the general public.\n                                              Office of Investigations\nOI conducts investigations related to fraud, waste, abuse, and mismanagement in SSA programs and operations.\nThis includes wrongdoing by applicants, beneficiaries, contractors, third parties, or SSA employees performing\ntheir official duties. This office serves as liaison to the Department of Justice on all matters relating to the\ninvestigation of SSA programs and personnel. OI also conducts joint investigations with other Federal, State,\nand local law enforcement agencies.\n                            Office of the Counsel to the Inspector General\nOCIG provides independent legal advice and counsel to the IG on various matters, including statutes,\nregulations, legislation, and policy directives. OCIG also advises the IG on investigative procedures and\ntechniques, as well as on legal implications and conclusions to be drawn from audit and investigative material.\nAlso, OCIG administers the Civil Monetary Penalty program.\n                                        Office of External Relations\nOER manages OIG\xe2\x80\x99s external and public affairs programs, and serves as the principal advisor on news releases\nand in providing information to the various news reporting services. OER develops OIG\xe2\x80\x99s media and public\ninformation policies, directs OIG\xe2\x80\x99s external and public affairs programs, and serves as the primary contact for\nthose seeking information about OIG. OER prepares OIG publications, speeches, and presentations to internal\nand external organizations, and responds to Congressional correspondence.\n                           Office of Technology and Resource Management\nOTRM supports OIG by providing information management and systems security. OTRM also coordinates\nOIG\xe2\x80\x99s budget, procurement, telecommunications, facilities, and human resources. In addition, OTRM is the\nfocal point for OIG\xe2\x80\x99s strategic planning function, and the development and monitoring of performance\nmeasures. In addition, OTRM receives and assigns for action allegations of criminal and administrative\nviolations of Social Security laws, identifies fugitives receiving benefit payments from SSA, and provides\ntechnological assistance to investigations.\n\x0c'